Using roles for IAM authentication

[mf-lit]

I am running the maildown command line on a ec2 instance with an attached role. This means I don't have any AWS_ACCESS_KEY_ID or AWS_SECRET_ACCESS_KEY variables set, neither do I have a .aws/credentials file. Rather, the role attached to the instance has appropriate SES policies set.

Maildown doesn't seem to fully handle this. This is easier to explain by examples:

The verify command works. Indeed I can see a verification has been registered in the us-east-1 region, so it's definitely picked up the credentials from the attached role:

# maildown verify [email protected]
Email sent to [email protected]. You must click the link in this email to verify ownership before you can send any emails

However, my SES configuration is all in eu-west-1, so having the verification in us-east-1 is no good to me. I tried setting $AWS_DEFAULT_REGION and $AWS_REGION accordingly and running the command again but that makes no difference - verifications are still created in us-east-1

So I tried using the init command to fix the region, but init doesn't seem happy at all that I don't have local credentials:

# maildown init

[KeyError]
'Cannot find expected keys in config file stored at /root/.aws/credentials'

And trying to set the region at init time doesn't help:

# maildown init --backend aws region=eu-west-1

[TypeError]
login() got an unexpected keyword argument 'region'

I'm not sure how to proceed from here?